<?php
/**
 * Copyright (c) 2006-2008, Julien PORTALIER
 * http://featherphp.googlecode.com/
 * 
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 */

/**
 * Handles webservice authentification throught WSSE (used by ATOM).
 */
class AuthWsseComponent
{
	protected $Auth;
	
	function startup(Controller $Controller)
	{
		if (isset($_SERVER['HTTP_X_WSSE']))
		{
			preg_match('/Username="(.+?)"/i',       $_SERVER['HTTP_X_WSSE'], $username);
			preg_match('/PasswordDigest="(.+?)"/i', $_SERVER['HTTP_X_WSSE'], $digest);
			preg_match('/Nonce="(.+?)"/i',          $_SERVER['HTTP_X_WSSE'], $nonce);
			preg_match('/Created="(.+?)"/i',        $_SERVER['HTTP_X_WSSE'], $created);
			
			$username = $username[1];
			$digest   = $digest[1];
			$nonce    = $nonce[1];
			$created  = $created[1];
			
			$Member = new Member();
			$Member->read($username);
			
			$_digest = base64_encode(sha1($nonce.$created.$Member->password));
			if ($digest !== $_digest)
			{
				HTTP::status(403);
				die();
			}
			
			$Controller->Auth->sign_in($Member, false);
		}
	}
}
?>